Penetration Testing mailing list archives
Re: Export results of spidering from WebScarab or Paros
From: vtlists () wyae de
Date: Mon, 15 Jun 2009 11:53:57 +0200
Alex Fiuvertiz writes:
I would suggest a go for the Burp instead (Burp Proxy) Target->Site map->right click->spider this host After spidering, right click and Copy URL:s/links Or perhaps httrack or wget if you choose the command way.
...or the Thekla web spider (http://www.wyae.de/software/thekla/)which was explicitly written to find forms and URLs with parameters that can/should be tested in a web security pentest.
It conveniently lists the de-duplicated (!) URLs in a plain TXT file. Additionally it lists them sorted with their referers (i.e. HTML forms) - exactly the thing one needs in a web pentest.But obviously I am biased. ;-)
Bye Volker PS: Comments and suggestions are wholeheartedly welcome. -- Volker Tanger http://www.wyae.de/volker.tanger/ -------------------------------------------------- vtlists () wyae de PGP Fingerprint 378A 7DA7 4F20 C2F3 5BCC 8340 7424 6122 BB83 B8CB ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review BoardProve to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.
http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- Export results of spidering from WebScarab or Paros Juan Kinunt (Jun 10)
- Re: Export results of spidering from WebScarab or Paros Rogan Dawes (Jun 12)
- Re: Export results of spidering from WebScarab or Paros Martin Žember (Jun 12)
- Re: Export results of spidering from WebScarab or Paros Alex Fiuvertiz (Jun 12)
- Re: Export results of spidering from WebScarab or Paros vtlists (Jun 15)